Julie Barrett is a freelance writer and photographer based in Plano, TX.

Watch out for this threat

Fresh when it gets here from Julie Barrett
Saturday, January 14, 2006


I'm going to quote from an e-mail I sent to some friends this morning. I know of a couple of people with fully patched systems that got hit with some very nasty spyware and Trojan programs. I'm starting a new category called Security. You can search for >Security (be sure to include the > character to search tags) to find any posts in this topic.

Do me a favor and don't copy this and send it to everyone you know. Send them to this page if you want. As new patches are released and this thread morphs (as is inevitable) some of what I say here will no longer be valid.

One person I know got hit with the WMF vulnerability just before Microsoft issued the patch. The other got hit via a software download. Here's what happens:

Both of these viruses/Trojans will try to install Spy Sheriff or another piece of supposed anti-spyware. If you get popups and/or a balloon message in your system tray saying that your computer is infected, this is a tip-off. What they do is infect your computer and then push ads to get you to buy a “cure.” The “cure” doesn’t exactly work. Spy Sheriff is supposedly an anti-spyware application, but tests have shown that it doesn't work very well. You’ll also get tons of popups, and your system may be infected with several Trojan horse programs, including a keylogger and a mass e-mailer.

The good news is that this doesn’t seem to be passed through the mainstream web sites – the kind of places we would normally visit. But if you visit places off the beaten path - be careful. Make sure your system is patched. Now. (This is another reason I'm committed to staying ad-free. I don't have control over what gets pushed to banners.)

Here’s how to protect yourself:

1. Get the latest patches from Microsoft. Get online, open Internet Explorer, and select Tools and then Windows Update and follow the instructions. If you have Windows XP you should have automatic updates turned on so these patches can get pushed to you. Go to the Control Panel, open the System icon, and click on the Automatic Updates tab to adjust your settings.

2. Be sure your anti-virus software is fully patched. Most programs have some sort of automatic update feature. Set it to get updates once a day, and scan your computer often. I scan mine every night overnight, but in my work I visit a lot of potentially unsafe web sites. At a minimum you should scan once a week.

3. Your anti-virus program should include some sort of e-mail protection. The second person found out about his infection when Norton warned him that a bunch of messages were being sent from his computer. It didn’t take long for his computer to get a backlog of (I kid you not) 70,000 messages. And we wonder why spam is so hard to combat.

4. If you have a broadband connection, get a good firewall program. If nothing else, activate the Windows XP firewall. Some of these viruses will deactivate firewalls (it happened to the second person), so be careful. Your program should leave a little icon in the System Tray (down by the clock) and it will change color if the firewall has been deactivated.

5. If you don’t have anti-virus and firewall software, get it. If you are with Comcast then you can get a free download of McAfee. As far as I can tell it’s the full program.

6. Get one or more anti-spyware applications. It’s a good bet to use two or more because the companies are always leapfrogging each other with updates to detect new stuff. Believe it or not, Consumer Reports gave high marks to the Windows Anti-Spyware program. To get it go to www.microsoft.com/security. Ad-Aware at www.lavasoft.de is another good one. When you install, always get the updates. There’s another called SpyBot Search & Destroy that will install some real time protection. It will ask you to confirm changes to your registry. It’s kind of a pain when you update or install new software to have to click this thing all the time, but you may be glad for it if it pops up something out of the blue. Try to scan about once a week.

7. Practice safe computing. Scan downloads and attachments before you open them. (Norton and McAfee are supposed to scan attachments automatically.) It may also be a good idea to check out a piece of software that you want to download first. Type the name in Google. Get your kids to do this as well. If it’s free, there may be a catch – like spyware or adware.

Unfortunately it is possible to get hit with a virus or Trojan even if your system is fully patched, so please, please be careful.

And while, "get a Mac" may be good advice, we can't all afford to ditch our computers and buy new hardware and software. And if you work in a place that uses Windows, you can't exactly make a switch. (Besides, I wouldn't consider buying a new Mac until the new hardware and OS comes out and the dust settles a bit, but that's just me.)

Tags: ,


Filed under: Security   Technology         

  2  Comments
 

Comments are closed
Gravatar
Julie said:
Thanks. I'm getting ready to do an update post and your link will be there.

And glad you enjoy the blog!
Date: Date:

Gravatar
Julie said:
Thanks. I'm getting ready to do an update post and your link will be there.

And glad you enjoy the blog!
Date: Date:





Comments: Add yours!


Search the Journal:

  

Search Tags:




Events and Appearances:
Looks like I don't have any events on the horizon. Would you like me to attend yours? Contact me!
All